cfengine - network configuration engine
cfengine is a language based system specifically designed for testing
and configuring unix-like systems attached to a TCP/IP network. You can
think of cfengine as a very high level language -- much higher level
than Perl or shell. A single statement can result in many hundreds of
links being created, or the permissions of many hundreds of files being
set. The idea of cfenginge is to create a single file or set of
configuration files which will describe the setup of every host on your
cfagent runs on every host and parses one file (or file-set), the
configuration of the host is checked against this file and, if desired,
any deviations are fixed. cfagent reads a configuration file called
cfengine.conf in a directory pointed to by the environment variable
CFINPUTS. cfagent performs host integrity and security checks as well
as installing and repairing system configuration.
COMMAND LINE OPTIONS
-a (--sysadm) Print only the name of the system
administrator then quit.
-b (--force-net-copy) Forces net copy even if remote server is
-c (--no-check-files) Do not check access rights on file systems
-C (--no-check-mounts) Check mount points for consistency. If this
option is set then directories which lie in
the ”mount point“ area are checked to see
whether there is anything mounted on them.
-d (--debug) Enable debugging output. (parsing -d1,run,
-d2, lite -d3)
-D (--define) Define a compound class symbol of the form
-e (--no-edits) Suppress file editing.
-E (--enforce-links) Globally force links to be created where plain
files or links already exist. You have to use
this in interactive mode and answer a yes/no
query before cfagent will run like this.
-f (--file) Parse filename after this switch. By default
cfagent looks for a file called cfengine.conf
in the current directory.
-h (--help ) Help information. Display version banner and
-H (--no-hard-classes) Prevents cfagent from generating any internal
class name information. Can be used for
-i (--no-ifconfig) Do not attempt to configure the local area
-I (--inform) Switches on the inform output level, whereby
cfagent reports everything it changes..
-k (--no-copy) Do not copy/image any files.
-K (--no-lock) Ignore locks when running.
-l (--traverse-links) Normally cfagent does not follow symbolic
links when recursively parsing directories.
This option will force it to do so.
Delete links which do not point to existing
files (except in user home directories, which
are not touched).
-m (--no-mount) Do not attempt to mount file systems or edit
the filesystem table.
-M (--no-modules) Ignore modules in actionsequence.
No action. Only print what has to be done
without actually doing it.
-N (--negate,--undefine) Cancel a set of classes, or undefine (set
value to false) a compound class of the form
-p (--parse-only) Parse file and then stop. Used for checking
the syntax of a program.
-q (--no-splay) Switch off host splaying (sleeping).
-s (--no-commands) Do not execute scripts or shell commands.
-S (--silent) Silence run time warnings.
-t (--no-tidy) Do not tidy file systems.
-u (--use-env) Causes cfagent to generate an environment
variable CFALLCLASSES which can be read by
child processes (scripts). This variable
contains a summary of all the currently
defined classes at any given time. This option
causes some system 5 systems to generate a Bus
Error or segmentation fault.
When this option is set, cfagent adds an
underscore to the beginning of all hard system
classes (like _sun4, _linux etc.) This can be
used to avoid naming conflicts if you are so
injudicious as to name a host by the name of a
hard class. Other classes are not affected.
-v (--verbose) Verbose mode. Prints detailed information
about actions and state.
-V (--version) Print only the version string and then quit.
-x (--no-preconf) Do not execute the cf.preconf net
-X (--no-links) Do not execute the links section of a program.
-w (--no-warn,--quiet) Do not print warning messages.
Mark Burgess, Oslo University College